How is 15.0.0.8.7
? Does it work for you? For me only partially. I sudo apt install --no-install-recommends i2p i2p-router privoxy
. Then started i2pbrowser
from command line and opened http://127.0.0.1:7657
. Web interface was functional but clicking any i2p domains failed with a privoxy error message. Expected?
Takes time for the router to integrate. eepsite connections are a wash. Some work sometimes, then donât. Could be poor perf parameters we have or the network is overloaded.
@Thinkablemellow can you please come up with optimal bandwidth settings?
yes, but i think the main issue is startup time and tunnel length.
I guess the notification from my old setup would also be handy here, so People know when the Router is ready ?
Did you wait 10-15min? I2P takes some time
Reworded I2P local browser welcome page.
- Old: tb-starter/usr/share/tb-profile-i2p/i2p-diffs.html at 10.7-1 · Kicksecure/tb-starter · GitHub
- New: https://github.com/Whonix/tb-starter/blob/master/usr/share/homepage/i2pbrowser/i2p-diffs.html
Please review.
No.
Ok, will try.
Yes. Patches welcome.
There is currently 1 blocker for installing I2P by default in Whonix-Workstation.
Currently I2P (usual systemd unit file) is automatically started for users who upgrade from Whonix developers repository. And I donât think we want to make all of Whonix users briefly connect to I2P during upgrade until next reboot for security reasons. I2P start was supposed to be opt-in, not default.
Autostart of privoxy and i2p systemd unit files gets disabled in anon-apps-config /lib/systemd/system-preset/50-anon-apps-config.preset, yes, but that package gets installed only after the i2p package is installed during the upgrade process. [1]
This could be handled in next release upgrade Whonix 15 buster â Whonix 16 bullsyee.
[1] That config file /lib/systemd/system-preset/50-anon-apps-config.preset is functional. It works for privoxy non-autostart but not for i2p non-autostart. It depends on the order in which packages are installed. Both, i2p and privoxy will not be autostarted after reboot.
Bug: i2pbrowser does not show i2p local browser homepage.
To debug, I have edited /usr/share/tb-profile-i2p/start-i2p-browser to add
#!/usr/bin/env bash
set -x
true "TOR_DEFAULT_HOMEPAGE: $TOR_DEFAULT_HOMEPAGE"
and saw that variable TOR_DEFAULT_HOMEPAGE
is correctly set to /usr/share/homepage/i2pbrowser/i2p-diffs.html
.
Opening /usr/share/homepage/i2pbrowser/i2p-diffs.html
in i2pbrowser is also functional.
Therefore I am clueless why i2p local browser homepage does not open.
Might or might not be related:
tb-starter /usr/share/tb-profile-i2p/start-i2p-browser
- What is the purpose of it?
- Is it really needed?
- If not needed: Removed please (plus /usr/bin/torbrowser integration.
- If needed: please forward port changes to
~/.tb/tor-browser/Browser/start-tor-browser
(changes by Tor Project, not me) to /usr/share/tb-profile-i2p/start-i2p-browser since their changes might be needed. There should not be any unexplained difference.
yeah this is no good for an opt-in, on the other hand is it really that bad to connect to i2p briefly? its trough Tor anyway. Obviously your call.
Sounds good to me, i dont think there is any rush for this, people who want to use it now can use the wiki to do so.
Looking in to it
roger that
Thinkablemellow via Whonix Forum:
yeah this is no good for an opt-in, on the other hand is it really that bad to connect to i2p briefly? its trough Tor anyway. Obviously your call.
It would make all of Whonix users vulnerable to the attack surface
provided by I2P. I am not saying I2P has any remote exploitable
vulnerabilities but just from a security theoretic perspective it ought
to be avoided to expose all users to that risk even though they might
not be interested in I2P at all.
Is it an I2P setting? If trivial to add letâs do it.
Sadly no
Not trivial but also not complicated if we use i2pcontrol, iâll look what i can do
Another Issue we have to address is the old Version in the Debian Repos, its nonsensical to add an old version to whonix by default.
So this should also be a blocker for the inclusion.
I tested this Setup and can confirm that its working (i waited 15-20min) and also have the same issues with i2pbrowser Patrick has, still looking into that.
âadded in alternate profile and alternate profile launcherâ
it is another launcher which like the i2pbrowser script doesnât work (anymore), i played around with it but nothing works and every change is ignored by tbb, so there has to be something that changed.
I also remember an open-link-confirmation dialog when i last tried i2pbrowser, so something definitely changed.
I still havenât figured out what though anyone else any idea?
just to note one thing about TB changes (unrelated to this case): before
when you tested TB with I2P Torbutton was a plugin within the browser,
now its built-in within the browser. So i dont know how to isolate Tor
from the browser if its based on vanilla TB (maybe disabling it through
about:config?..).
Thinkablemellow via Whonix Forum:
Could be but nothing indicates that Torbutton is involved since we get a successful i2p proxy, which wouldnât work if Torbutton was involved (that was an old Issue we had in the GW Thread)
@HulaHoop
Whats the reason for : user_pref("browser.startup.homepage", "about:blank");
in /usr/share/tb-profile-i2p/profile.i2p/user.js ?
I removed that setting but still get the blank page, no matter how or when i set the hompage it always gets ignored, the only way i could make i2pbrowser open that i2p-diffs.html is by opening it directly like Patrick posted above.
Can we use a simple workaround in /usr/bin/i2pbrowser for that?:
if [ $# -lt 1 ] then torbrowser /usr/share/homepage/i2pbrowser/i2p-diffs.html else torbrowser "$@" fi
?
Has anybody tested if Secbrowser is working with its custom Homepage?
Thinkablemellow via Whonix Forum:
Whats the reason for :
user_pref("browser.startup.homepage", "about:blank");
in /usr/share/tb-profile-i2p/profile.i2p/user.js ?
Once that was ever set it might not be easy to revert without creating a
new browser profile. Delete ~/.i2p folder if no data to preserve there
and try again.
Thinkablemellow via Whonix Forum:
Can we use a simple workaround in /usr/bin/i2pbrowser for that?:
if [ $# -lt 1 ] then torbrowser /usr/share/homepage/i2pbrowser/i2p-diffs.html else torbrowser "$@" fi
?
Not good. Irrc in past passing a link that way had broken security slider.
Also understanding root causes is better than piling up workarounds on top.
ah thanks, that did the job
Itâs not one of the things I set, but I think it was done to avoid displaying the original TBB landing page?
Thinkablemellow via Whonix Forum:
ah thanks, that did the job
change console Page to /home by Thinkablemell0w · Pull Request #12 · Kicksecure/tb-starter · GitHub
remove blank homepage setting by Thinkablemell0w · Pull Request #11 · Kicksecure/tb-starter · GitHub
Merged.
Why /home
why not ânothingâ? Would âplainâ http://127.0.0.1:7657
be
better?
The static I2P version in stable is not set in stone. We can revert the auto updater disabling theyâve done in Debian, but I want to know the Debian devsâ reason for doing it in the first place. @Thinkablemellow @nurmagoz can you get in touch with the Debian devs and ask them why theyâve turned the updater off?